API tools faq
paste
Guest User

Untitled

a guest
May 25th, 2018
72
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.23 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python
  2.  
  3. import pwn
  4. import hashlib
  5. import re
  6. pwn.context.log_level = 'error'
  7.  
  8. import sys
  9. import itertools
  10. import collections
  11.  
  12. Feedback = collections.namedtuple('Feedback', ['correct', 'close'])
  13.  
  14. def generate_initial_pool(choices, holes):
  15. '''Generates the initial set of possible answers.'''
  16. return list(itertools.permutations(range(choices),holes))
  17. # return list(itertools.permutations(*[range(choices) for _ in xrange(holes)]))
  18.  
  19. def find_correct(actual, guess):
  20. '''Finds the sum of all correct matches.'''
  21. return sum([1 for (a, b) in zip(actual, guess) if a == b])
  22.  
  23.  
  24. def remove_correct(actual, guess):
  25. '''Removes all correct matches from two "rows"'''
  26. actual2 = [a for (a, b) in zip(actual, guess) if a != b]
  27. guess2 = [b for (a, b) in zip(actual, guess) if a != b]
  28. return actual2, guess2
  29.  
  30.  
  31. def find_close(actual, guess):
  32. '''Finds the sum of all close matches.'''
  33. actual, guess = remove_correct(actual, guess)
  34.  
  35. close = 0
  36. for possible in guess:
  37. if possible in actual:
  38. del actual[actual.index(possible)]
  39. close += 1
  40. return close
  41.  
  42.  
  43. def get_feedback(actual, guess):
  44. '''Compares two "rows" to each other and returns feedback.'''
  45. return Feedback(find_correct(actual, guess), find_close(actual, guess))
  46.  
  47.  
  48. def is_match(guess, feedback, possible):
  49. '''Returns true if hypothetical could be the answer given the feedback
  50. and the guess'''
  51. return feedback == get_feedback(possible, guess)
  52.  
  53.  
  54. def filter_pool(pool, guess, feedback):
  55. '''Filters through the pool of possibilities and removes ones which
  56. couldn't possibly be the answer.'''
  57. for possible in pool:
  58. if is_match(guess, feedback, possible) and (possible != guess):
  59. yield possible
  60.  
  61.  
  62. def make_guess(pool, feedback):
  63. '''Makes an educated guess between the pool of possibilities and
  64. the user feedback.'''
  65. min_length = float('infinity')
  66. best_choice = None
  67. for possible in pool:
  68. length = len(list(filter_pool(pool, possible, feedback)))
  69. if min_length > length:
  70. min_length = length
  71. best_choice = possible
  72. return best_choice
  73.  
  74. # nc 149.28.139.172 10002
  75.  
  76. powChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
  77.  
  78. p = pwn.remote("149.28.139.172",10002)
  79. data = p.recv()
  80. [part1,hashTarget] = data.rstrip().split(" == ")
  81. hashSeed = part1.split("+")[1].rstrip(")")
  82.  
  83. def dopow(seed,target):
  84. print "Calculating target hash %s for seed %s" % (target,seed)
  85. for c1 in powChars:
  86. for c2 in powChars:
  87. for c3 in powChars:
  88. for c4 in powChars:
  89. s = "%c%c%c%c" % (c1,c2,c3,c4)
  90. if hashlib.sha256(s + seed).hexdigest() == target:
  91. return s
  92.  
  93. pow = dopow(hashSeed,hashTarget)
  94. p.recv()
  95. print "PoW Complete: %s" % pow
  96. p.sendline(pow)
  97.  
  98. # Give me 4 numbers, in[0, 10), You can only try 6 times
  99. # $ 1 2 3 4
  100. # Nope. 0, 1
  101.  
  102. def playGame(round):
  103. p.recvuntil("Give me ")
  104. numCount = int(p.recvuntil(" "),10)
  105. print "Got number count: %d" % numCount
  106.  
  107. p.recvuntil("in[")
  108. minBound = int(p.recvuntil(",").rstrip(","),10)
  109. print "Got minimum bound: %d" % minBound
  110.  
  111. p.recvuntil(" ")
  112. maxBound = int(p.recvuntil(")").rstrip(")"),10)
  113. print "Got maximum bound: %d" % maxBound
  114.  
  115. # flush buffer then go
  116. # print p.recvall(timeout=0.5)
  117. print "OK, Playing game %d numbers between [%d:%d]" % (numCount,minBound,maxBound)
  118. numbers = range(minBound,maxBound)
  119. holes = numCount
  120.  
  121. # flush buffer...
  122. p.recv()
  123.  
  124. pool = generate_initial_pool(maxBound - minBound, numCount)
  125. guess = [minBound + i for i in range(0,numCount)]
  126. # guess = [0 if (i < (holes / 2)) else 1 for i in range(holes)]
  127. while True:
  128. actualGuess = [str(minBound + x) for x in guess]
  129. print "Sending: %s" % " ".join(actualGuess)
  130. p.sendline(" ".join(actualGuess))
  131. data = p.recv()
  132. print data
  133. if "Wrong" in data:
  134. correct = 0
  135. close = 0
  136. elif "Nope." in data:
  137. (correct, close) = data.rstrip().lstrip("Nope. ").split(", ")
  138. correct = int(correct)
  139. close = int(close)
  140. else:
  141. if round == 8:
  142. print p.recv()
  143. else:
  144. print p.recvline()
  145. return
  146. print "Result: %d correct, %d close" % (correct, close)
  147. feedback = Feedback(correct,close)
  148. pool = list(filter_pool(pool,guess,feedback))
  149. guess = make_guess(pool,feedback)
  150.  
  151. r = 1
  152. while True:
  153. playGame(r)
  154. r += 1
  155.  
  156. p.interactive()
  157.  
  158. p.close()
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!